﻿using Duende.IdentityServer.Models;
using System.Security.Claims;
using static Duende.IdentityServer.IdentityServerConstants;

namespace SimpleSaasAuth.Configuration
{
	public class IdentityServiceConfig
	{
		/// <summary>
		/// 
		/// </summary>
		/// <returns></returns>
		public static IEnumerable<IdentityResource> GetIdentityResources()
		{
			return new List<IdentityResource>
			{
				new IdentityResources.OpenId(),
				new IdentityResources.Profile()
			};
		}
		/// <summary>
		/// 
		/// </summary>
		/// <returns></returns>
		public static IEnumerable<ApiResource> GetApiResources()
		{
			return new List<ApiResource>
			{

                ///资源arg1:对应服务中注册的apiName
                 new ApiResource("SimpleSaas","SimpleSaas",
				 new List<string>()
				 {
					 System.Security.Claims.ClaimTypes.Sid,
					 System.Security.Claims.ClaimTypes.Spn,
					 "Teacher_Class"})
				{
				   Scopes={ "SimpleSaas" },
					ApiSecrets={ new Secret("123456".Sha256())},
				}
			};
		}
		/// <summary>
		/// 
		/// </summary>
		/// <returns></returns>
		public static IEnumerable<ApiScope> GetApiScopes()
		{
			return new List<ApiScope>
			{
				new ApiScope("SimpleSaas"),
			};
		}
		/// <summary>
		/// 
		/// </summary>
		/// <returns></returns>
		public static IEnumerable<Client> GetClients()
		{
			return new List<Client>
			{
				new Client
				{
					ClientId="webclient",
					AllowedGrantTypes=new List<string>{ GrantTypes.ResourceOwnerPassword.FirstOrDefault(),"weixinopen" },
					AccessTokenType=AccessTokenType.Reference,
					AccessTokenLifetime=86400,
					ClientSecrets= {
						new Secret("123456".Sha256())
					},
					AllowOfflineAccess=true,
				   AllowedScopes={ "openid","SimpleSaas",StandardScopes.OfflineAccess},
				  AlwaysSendClientClaims=true,
				  AlwaysIncludeUserClaimsInIdToken=true,
				},
			};
		}
	}
}